Twitter password scare and direct message scams

PORTLAND, Maine (NEWS CENTER) - Earlier today many Twitter users got an email saying that they needed to change their passwords, but most thought it was a scam. The problem... it wasn't!

Here is a quote from the email that went out Thursday morning to many Twitter users:

"Twitter believes that your account may have been compromised by a website or service not associated with Twitter. We've reset your password to prevent others from accessing your account."

These days an email like this would set off alarms for most social media users. Be it Facebook, Twitter, Tumblr or whatever... often emails like this are considered a scam -- especially if a password reset was not requested by you. Users initially believed these emails were a trick, until they tried to log on to their accounts only to find they couldn't.

Later in the day, Twitter posted a statement on their Tumblr account saying:

They often run security checks to make sure people's accounts are protected. In this case, they had planned to reset a small number of passwords, but accidentally reset a whole lot more.

Just as an observation, over the last few days I've seen an increase in direct message spam on Twitter, I've seen a lot of users having their account being hacked. It could be something related to that. We won't know until Twitter releases more information.

Direct messages are like private messages on Twitter and lately we've seen a lot of these coming through with links. These messages are always the same kind of message too:

"someone posted a rumor about you..."

"have you seen what they're saying about you,"

"OMG, I'm laughing at this video posted of you..."

All the messages are in this context, and always with a link. The link is dangerous. If you click the link your Twitter account could get hacked.

I know this is going to sound pretty simple, but just don't click on these links... just delete the message.

On the chance you click the link, you may not notice anything right away -- but your followers will. Your account will send out the same kind of direct messages to your followers (or send out weird tweets or spam like tweets). If this starts to happen, or you click on the link, change your password right away and notify Twitter. In most cases this seems to do the job. If your account is in more serious trouble it will be locked up until Twitter can clean it up.

In Facebook, it can happen as private message. What is more common lately is your email notifications. So earlier we mentioned that Twitter users thought the email they received was a hoax. They think that because there has been a rouge email floating around that looks like an email notification from Facebook -- usually a photo notification-- but if you click on the link that comes within the email -- you might download a virus or trigger a hack into your Facebook account.

The best way to avoid this is to ignore the email and log directly into your account (not through the email link). With Facebook you'll know if the notification is legit as soon as you log in. Same with Twitter. In this case users found out right away if their password didn't work.

The other way is to look closely at the email address from the sender. With the Facebook one, they were misspelling Facebook with three O's. Now these social giants aren't helping themselves because even their legitimate emails have "send addresses" that look funny.

The other trick is to hover your mouse over the link in the email --DON'T ACTUALLY CLICK ON IT -- but if you hover over it, most will show you the real link that it will take you too. So if the link in the email is a shady link, this should show you the real link.